CVE-2022-2092

CVE-2022-2092: WooCommerce PDF Invoices & Packing Slips < 2.16.0 - Reflected Cross-Site Scripting

Vendor Unknown
Product WooCommerce PDF Invoices & Packing Slips
Weakness CWE-79 · XSS
Published July 11, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks.

Key dates

02Disclosure timeline

July 11, 2022 CVE published
August 3, 2024 Record updated